Ukraine discovers lingering breaches 1 year into Russia invasion

Multiple Ukraine government website breaches were discovered on the eve of the one-year mark of Russia’s invasion.

By Matt Kapko • Feb. 24, 2023

For GoDaddy customers, a long dwell time means all could be victims

The web hosting provider has not shared additional details outlining the extent of the breach, but experts are highlighting the incident's multiple red flags.

By Matt Kapko • Feb. 23, 2023

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

tk

By Cybersecurity Dive staff

Dole hit by ransomware, North America operations briefly disrupted

The attack against the produce giant marks the latest in a series of cybersecurity threats targeting the food industry.

By David Jones • Feb. 23, 2023

Attackers reduce complexity to catch more potential victims

Palo Alto Networks warns attackers are building economies of scale by conducting more efficient operations and complementing their skills with commercially available tools.

By Matt Kapko • Feb. 23, 2023

Phishing, king of compromise, remains top initial access vector

IBM Security X-Force’s annual threat intelligence report highlights what makes phishing such a dangerous and persistent point of entry.

By Matt Kapko • Feb. 22, 2023

Companies grapple with post-breach disclosure risks

The concerns leading organizations to withhold information are aplenty, including reputational damage and financial impacts.

By Matt Kapko • Feb. 16, 2023

IT security budgets triple as businesses confront more cyberattacks across Europe, US

Five-year data from Hiscox shows businesses are facing more frequent and more costly attacks.

By David Jones • Feb. 16, 2023

What’s known about the ESXiArgs ransomware hitting VMware servers

An initial strain affected thousands of devices before a new variant emerged. The latest burst of attacks hit Saturday.

By Matt Kapko • Feb. 15, 2023

VMware ransomware was on the rise leading up to ESXiArgs spree, research finds

Recorded Future analysis underscores a growing ransomware threat confronting organizations using VMware ESXi.

By Matt Kapko • Feb. 13, 2023

VMware ransomware evolves to evade data recovery, reinfects servers

The new ESXiArgs strain has reinfected more than 1,150 VMware servers and represents more than 4 in 5 live infections, according to open-source ransomware data.

By Matt Kapko • Feb. 10, 2023

Unsophisticated ransomware campaign targeting VMware ripe for copycats

Ransomware doesn’t typically hit thousands of potential victims at once. “All of it’s very strange,” one security researcher said.

By Matt Kapko • Feb. 8, 2023

Ransomware attack spree hits thousands of VMware servers

Cyber authorities linked the attacks, dubbed ESXiArgs, to a two-year-old VMware vulnerability. At least 2,250 machines have been compromised.

By Matt Kapko • Feb. 6, 2023

Hive takedown puts ‘small dent’ in ransomware problem

Successful law enforcement actions against ransomware can only do so much. The threat is omnipresent, lucrative and largely in the shadows.

By Matt Kapko • Feb. 6, 2023

T-Mobile CEO spins recent breach, says its cybersecurity chops ‘showed up’

“Our systems and policies protected the most sensitive kinds of customer data,” Mike Sievert said on an earnings call. “We take this issue very seriously.”

By Matt Kapko • Feb. 1, 2023

GitHub resets code signing certificates following breach

The incident closely follows a series of indirect source code repository breaches impacting Slack and Okta.

By Matt Kapko • Feb. 1, 2023

Exchange Server under pressure as opportunistic actors step up attacks

Bitdefender Labs warns threat actors are using the ProxyNotShell/OWASSRF exploit chains to launch attacks.

By David Jones • Jan. 25, 2023

Breach hits GoTo, the parent company of LastPass

Damage caused by a cyberattack on a shared cloud storage service is adding to the fallout for both companies.

By Matt Kapko • Jan. 24, 2023

Los Angeles school system shifts timeline of ransomware attack

Post-breach investigations are complex. The timeline and scope of damage inflicted often change as investigations unfold.

By Matt Kapko • Jan. 24, 2023

Experts question T-Mobile’s security culture as breach cycle churns

The gap between the threat actor’s intrusion and T-Mobile’s detection underscores multiple unresolved challenges.

By Matt Kapko • Jan. 20, 2023

T-Mobile breached again, 37M customer accounts exposed

The incident marks the latest in a series of data breaches, the worst of which occurred in August 2021 and exposed the data of at least 76.6 million people.

By Matt Kapko • Jan. 19, 2023

PayPal warns 35,000 customers of exposure following credential stuffing attack

Impacted customers were notified of the incident nearly a month after it was discovered. It’s unclear where or how customer account credentials were obtained.

By Matt Kapko • Jan. 19, 2023

World Economic Forum officials warn global instability could lead to catastrophic cyber event

A report released at the WEF said top business leaders and security experts fear heightened geopolitical tensions could result in a major attack in the next two years.

By David Jones • Jan. 19, 2023

Mailchimp hit by second cyberattack in 6 months, 133 customers impacted

The social engineering incident is similar to an August cyberattack that targeted customers in the crypto industry.

By David Jones • Jan. 19, 2023

CircleCI probe links malware placed on engineer’s laptop to larger breach

An unauthorized actor, after stealing a valid SSO session, was able to exfiltrate data, including customer environment variables, tokens and keys.

By David Jones • Jan. 13, 2023

Citrix flaw exploited in ransomware attack against small US business

Threat actors linked to ransomware group Royal are actively exploiting a vulnerability in two Citrix products, researchers found.

By David Jones • Jan. 13, 2023